As part of the Community hub infrastructure, we need to define RPC calling conventions...

Moodle's APIs follow several principles that make them scalable annd flexible.

• They are "Just In Time discoverable" rather than all registered at runtime. This is a good optimization for HTTP's statelesness.
• Once an entry point is hit (a webpage in moodle, for instance) the module code author is in control. The framework doesn't limit what kinds of interactions can happen.

So we want to preserve those capabilities... Additionally, we want to make sure the RPC calls are safe, and cannot be exposed by accident.

Outline of a new mnet API

Calls can be exposed via the mnet API by

• Moodle core
• Moodle auth plugins
• Moodle enrol plugins
• Moodle modules

How the RPC calls are dispatched

The dispatcher is slightly different from a conventional XML-RPC dispacher that gets the available methods registered at startup. (It is too costly to walk all the available modules and plugins on each invocation.)

Instead, the rpc layer expects one of several prefixes in the method name

• mod_
• auth_
• enrol_

For modules

An RPC call to mod_forum_dofoobar() rpc call triggers:

• include_once(mod/forum/lib.php)
• check for function_exists("forum_rpc_dofoobar_enabled")
• if (forum_rpc_dofoobar_enabled())
• then invoke forum_rpc_dofoobar() with the parameters received...

Note: rpc_ is an arbitrary prefix that makes it clear that the function is for remote invocation. The _enabled() function must exist and return true for added security. make it really hard for a develper to expose something accidentally

For auth and enrol plugins

An RPC call to enrol_ldap_dofoobar() rpc call triggers:

• include_once(enrol/ldap/enrol.php)
• instanciate the class
• check for method_exists($obj, "rpc_dofoobar_enabled")
• if ($obj->rpc_dofoobar_enabled())
• then invoke $obj->rpc_dofoobar() with the parameters received...